OAuth 2.1 is a refined update of OAuth 2.0, a popular authorization framework for APIs and authentication flows. Changes in OAuth 2.1 include making PKCE mandatory, discontinuing the implicit grant, improving refresh tokens, and tightening redirect URI rules. The update simplifies grant types, focuses on security, and provides a battle-tested and future-proofed framework. OAuth 2.1 is recommended for new projects, while existing systems running OAuth 2.0 can benefit from adopting OAuth 2.1 best practices.